Home Page Dashboard - 1.0 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Assess User Guide

Product
Cortex XPANSE
Version
1.0
Creation date
2022-08-25
Last date published
2022-12-01
Category
User Guide

The Cortex Xpanse Home Page dashboard displays the widgets described in the sections below. Note that you can download an image of any widget in the dashboard in SVG or PNG format by clicking the download icon (download-widget-icon.png).

You can customize the data that is displayed in the Home Page dashboard by configuring your Dashboard Preferences and setting the filters. See Home Page Filters and Dashboard Preferences for more information.

Total On Prem Assets
total-on-prem-assets.png

Displays the total number of directly discovered On Prem hosted assets, as well as the breakdown of On Prem assets by active Services, Certificates, Domains, and individual IP addresses. The trend, which is the change in the Total On Prem Assets since the last assessment, is displayed to the right of the total count.

  • Click a bar in the chart or the count for any category (Services (active), Certificates, Domains, IPs) to display the list view of that category with the On Prem Provider filter applied.

Total Cloud Assets
total-cloud-assets.png

Displays the total number of cloud assets as well as the breakdown of cloud assets by active Services, Certificates, Domains, and Individual Cloud Resources. The trend, which is the change in the Total Cloud Assets count since the last assessment, is displayed to the right of the total count.

  • Click a bar in the chart or the count for any category (Services, Certificates, Domains, and Cloud Resources) to display the list view of that category with the Cloud Providers filter applied.

Active High+ Priority Issues
active-high-priority-issues.png

Displays information about the number of Active Issues with a priority of High or Critical.

If you did not set your Top Issues Types in Dashboard Preferences, the data in this widget is based on all your Active Issues with a priority of High or Critical. The total count is the number of your High+ Active issues. The trend, which is the change in the count since the last assessment, is displayed to the right of the total count. The table displays the top five Issue Types based on the number of Active Issues.

If you set your Top Issue Types in the Dashboard Preferences, the data in this widget is based on the issues for your selected Top Issue Types. In this case the total count is the number of Active Issues for your selected Top Issue Types only. The table displays the top five of your selected Top Issue Types in order based on the number of Active Issues. If you have selected fewer than five Top Issue Types, only the ones you have selected will be shown in the table.

  • If you did not set Top Issue Types in the Dashboard Preferences, clicking the total count will display the Issues list filtered by High and Critical priority, Open Issues progress, and Active status.

    If you set the Top Issue Types, clicking the total count displays the Issues list filtered by your selected Issue Types, Open Issues progress, and Active status.

  • Clicking a Top Issue Type count in the table displays the Issues list filtered on the type, High and Critical priority, Open Issues progress, and Active status.

  • Hovering over the chart displays the issue count for a specific date.

  • If you set the Top Issue Types, clicking All Issues displays the Issues list filtered by your selected Issue Types, Open Issues progress, and Active status.

New CVE Policy Available
new-cve-policy-available.png

Displays the most recently released CVE-related policy from Cortex Xpanse and the number of Active issues based on that policy. The table displays the last five policies, whether they are ON or OFF for your organization, and the number of Active issues for those policies that are ON.

Note

If you don’t have permission to view the Policy module, the table will not be displayed.

  • Click the latest CVE policy at the top of the widget to display the Issues list filtered by that issue type and Active status.

  • Click the count of any of the New Policies to display the issues list filtered by that issue type and Active status.

  • Click All Policies to display the Policies list.

Top 5 Countries with On Prem Issues
top-5-countries-with-onprem-issues.png

Displays the issue counts for the five countries with the most On Prem and Cloud issues.

  • Toggle between On Prem and Cloud issues.

  • Click a highlighted country to display the list of Active issues filtered by On Prem or Cloud and by country.

  • Click Location Overview to display the Issues Overview Dashboard.

Riskiest Cloud Provider
riskiest-cloud-provider.png

The Riskiest Cloud Provider is the provider (excluding Other) with the highest number of Issues with Medium or higher priority. The trend, which is the change in the number of Medium or higher issues for that provider in the last 30 days, is displayed next to the provider name. In the chart, each percentage is the % of cloud issues associated with that provider relative to all Medium or higher priority cloud issues.

  • Click the name of the Riskiest Cloud Provider (in the upper left) to display the Issues list filtered by that provider, Active status, and Medium or higher priority.

  • Click any provider on the chart to display the Issues list filtered by that provider, Active status, and Medium or higher priority.

  • Click Cloud Issues to display the Issues list filtered by all Cloud Providers, Active status, and Medium or higher priority.

Remediated Issues
remediated-issues.png

Displays the top ten issue types for Closed Issues with Medium or higher priority. For each issue type the number of issues is broken down by Closed Issue Progress Status (Acceptable Risk, No Risk, Resolved).

  • Click a bar in the chart to display the list of issues filtered by issue type and the relevant progress status.

  • Click Closed Issues List to display the Issues list filtered by all Closed Issues Statuses.

Total Providers
total-providers.png

Displays the Cloud Service Providers your organization is using. The total count is the number of providers that are hosting services (excluding Other) for your organization. Approved Providers are displayed in shades of blue; Unapproved Providers are displayed in shades of red. The red or blue is darker if the percentage of services hosted by that provider is higher. The size of each tile is based on the percentage of total services hosted by that provider.

If you have not selected your approved providers in the Dashboard Preferences, all tiles in this chart will be red (unapproved).

If you have selected your approved cloud service providers in the Dashboard Preferences, approved providers will be blue. All other providers will be a shade of red.

The trend, which is the change in the total count in the last 30 days, appears to the right of the total count.

  • Click the total count to display the Services list filtered on Directly Discovered and Cloud Providers (excluding Other).

  • Click a tile in the chart to display the Services list filtered by that cloud provider and Directly Discovered.

  • Click All Services to display the Services list filtered on Directly Discovered and Cloud Providers (excluding Other).

All Domain Registrars
all-domain-registrars.png

Displays the total number of registrars that your domains are using. The trend, which is the change in the total number of registrars in the last 30 days, is shown to the right of the total count. The ten registrars with the most domains are displayed on the chart.

IF you did NOT specify Approved Registrars in the Dashboard Preferences, all of the dots on the chart will be red (unapproved).

If you specified your Approved Registrars in the Dashboard Preferences, your Approved Registrars will have blue dots and the others will have red (unapproved).

  • Click the total count to display the Domains list.

  • Click any dot in the chart to display the Domains list filtered by that registrar.

  • Click All Domains to display the Domains list.

All Certificate Issuers
all-certificate-issuers.png

Displays total number of certificate issuers. The trend, which shows the change in the number of certificate issuers in the last 30 days, is to the right of the total count. The bar chart shows the ten issuers with most certificates, with red bars indicating Unapproved Issuers and blue bars indicating Approved Issuers.

If you did not specify Approved Certificate Issuers in Dashboard Preferences, then all certificate issuers are considered Unapproved, and all of the bars in the bar chart will be red (Unapproved Issuers).

If you specified your Approved Certificate Issuers in Dashboard Preferences, then only the Approved Issuers will have blue bars, and all the rest will be red (Unapproved Issuers).

  • Click the total count to display the Certificates list.

  • Click any bar in the chart to display the Certificates list filtered by that issuer.

  • Click All Certificate Issuers to display the Certificates list.

All Certificate Issues